anchela commented on code in PR #32:
URL:
https://github.com/apache/sling-org-apache-sling-auth-oauth-client/pull/32#discussion_r2450750393
##########
src/main/java/org/apache/sling/auth/oauth_client/impl/OidcConnectionImpl.java:
##########
@@ -57,11 +67,39 @@ String webconsole_configurationFactory_nameHint() default
private final Config cfg;
private final OidcProviderMetadataRegistry metadataRegistry;
+ private final String authorizationEndpoint;
+ private final String tokenEndpoint;
+ private final String userInfoUrl;
+ private final String jwkSetURL;
+ private final String issuer;
@Activate
public OidcConnectionImpl(Config cfg, @Reference
OidcProviderMetadataRegistry metadataRegistry) {
this.cfg = cfg;
this.metadataRegistry = metadataRegistry;
+ this.authorizationEndpoint = cfg.authorizationEndpoint();
+ this.tokenEndpoint = cfg.tokenEndpoint();
+ this.userInfoUrl = cfg.userInfoUrl();
+ this.jwkSetURL = cfg.jwkSetURL();
+ this.issuer = cfg.issuer();
+
+ // Validate configuration: either baseUrl is provided OR all explicit
endpoints are provided
+ boolean hasBaseUrl = cfg.baseUrl() != null && !cfg.baseUrl().isEmpty();
+ boolean hasExplicitEndpoints = authorizationEndpoint != null
Review Comment:
i believe the result of these 2 checks should be a single boolean flag
whether or not explicit end points are configured or not. based on that the
return values of the getters should be handled.
imho the current flow can lead to situations where part of the information
is retrieved from baseURL and part from explicit endpoints.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
